package czy.demo.config.shiro;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.crypto.hash.Sha256Hash;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Component;

/* 默认的证书匹配器 */
@Component
public class DefaultCredentialsMatcher implements CredentialsMatcher {

    private static final Logger logger = LoggerFactory.getLogger(DefaultCredentialsMatcher.class);

    /* 证书匹配方法
     * token：登录参数，用户名、明文密码
     * info：认证信息，后台存储，用户名、加密密码
     * 当根据token查询出info后，进行密码匹配
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        logger.debug("密码匹配："+token.getCredentials()+"，"+info.getCredentials());
        SimpleAuthenticationInfo simpleInfo = (SimpleAuthenticationInfo)info;

        /* 加盐匹配，这里的盐使用SimpleHash生成 */
        return new Sha256Hash(token.getCredentials(),simpleInfo.getCredentialsSalt().getBytes()).equals(info.getCredentials());
    }
}
